CVE-2023-21135: In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation....
Description
In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119
Classification
CVE ID: CVE-2023-21135
Affected Products
Vendor: n/a
Product: Android
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 5.08% (scored less or equal to compared to others)
EPSS Date: 2025-02-04 (when was this score calculated)